Protection against DDoS attacks

DDoS attacks have become one of the most widespread cyber threats in recent years. With their help, attackers can completely paralyze a web resource, shutting down access for users for an indefinite period of time. For online businesses, financial companies and web portals of public services, this can be very painful. In addition, the trust of customers who cannot access the site falls, losing the ability to safely perform financial transactions or other actions that require confidentiality, which undermines the reputation of the resource.

What are DDoS attacks

A DDoS (Distributed Denial of Service) attack is a distributed denial of service. In other words, attackers perform certain actions to make the site stop working.

During a DDoS attack, they send from controlled resources a huge number of requests to the server (virus traffic) over the network, which it is unable to process. The system overloads and crashes, the server stops working, and clients lose access to the site.

DDoS attacks especially affect personal websites created on free templates. Usually, the owner of such a resource does not have enough experience in protecting against cyber threats. The price of such carelessness can be very high. We recommend buying a server administration service to effectively combat DDoS attacks from TutHost.

Classification of DDoS attacks

The attack most often utilizes certain layers of the OSI open systems interaction model:

  1. Infrastructure Levels:
    1. L3 networking – attacks target routers and switches. IP, DVMRP, ICMP, IGMP, PIM-SM, IPsec, IPX, RIP, DDP, OSPF, and OSPF protocols are used.
    2. L4 transport – attacks are aimed at servers and various services (gaming, etc.). TCP and UDP protocols, DCCP, RUDP, SCTP, UDP Lite subprotocols are used.
  2. L7 Application layers. At the application layer, attacks target services, applications, and sites. HTTP, HTTPS, and DNS protocols are used.

The goal of a network-level attack is to deny service to legitimate requests. DDoS attacks on transportation infrastructure are massive, they overload network bandwidth and servers with traffic, but are easily identified by certain characteristics.

Application-level attacks are not as massive, but target vulnerabilities in the application architecture. Such attacks use SSL violation, flooding of DNS and HTTP requests, application API request streams or Wordpress Pingback.

Methods of protection against DDoS attacks

There are several methods to neutralize and protect against DDoS attacks.

Isolation of attack zones

To effectively neutralize an attack, you need to limit the area that can be affected by the cyber threat. Reducing the zone reduces the hackers’ capabilities and increases the server administrator’s chances of detecting and neutralizing the attack in time.

You need to minimize or disable points of vulnerability such as ports, applications and protocols with which you don’t intend to interact, limit traffic to certain parts of the infrastructure (e.g. databases), use CDNs, load balancers, etc.

Increase server throughput and performance

This method helps to neutralize large-scale DDoS attacks by absorbing them. To do this, you need to provide increased bandwidth when connecting to the network. During a large-scale attack, the bandwidth will be enough to keep the application or resource available to clients even with virus traffic. Also, applications and resources should be placed near large internetworking nodes that help increase bandwidth.

DDoS attacks use a lot of resources, so you need to be able to adjust the server’s processing power. Increased server performance supports the processing of large volumes of traffic. Use load balancers to regulate load distribution and minimize overloads.

Benchmark and atypical traffic

Another method of calculating a DDoS attack is to track traffic. Atypical traffic is when multiple requests arrive at non-standard times, from non-target regions from which there are usually no visitors. For example, traffic suddenly increases at 2 a.m. from New Zealand, even though your target audience is in Ukraine.

Therefore, it is necessary to check logs and monitor such atypical activities. If the volume of requests exceeds the maximum allowable traffic, you should take measures to neutralize it. But at the same time, don’t forget that during the pre-holiday period or during the sales season, traffic may increase significantly due to natural causes.

Use of firewalls

To protect against DDoS attacks that exploit vulnerabilities in applications by injecting SQL code or cross-site scripting, it is better to use a firewall. It will neutralize requests based on certain characteristics that differ from the reference traffic. For example, requests from suspicious IPs or atypical geographic regions.

Who needs DDoS protection service

The most common targets of DDoS attacks are:

  • financial sector;
  • payment systems;
  • online stores;
  • government agencies.

Media companies’ resources are also not uncommon victims, for example, during top online broadcasts, when traffic increases dramatically.

Why basic defenses do not protect against DDoS attacks

Standard IPS and firewall systems help maintain data integrity and prevent data leakage within a company’s resources, but they do not protect against external threats and can be targeted by attackers themselves.

Why you should choose TutHost’s DDoS Protection service

Our DDoS attack protection service includes the following services:

  • traffic monitoring, high accuracy in detecting malicious requests;
  • fast organization of protection against attacks, installation of SYN, HTTP, UDP/ISMP flood filters;
  • to repel large-scale attacks;
  • ensuring server availability.

You can choose and buy one of the three tariff plans of the DDoS protection service at an affordable price. We guarantee reliable protection from external attacks and availability of your web resources and applications for clients.

  • Repel high volume attacks over 1 Tbps
  • Quickly organize the protection of your service
  • Detect malicious traffic with high accuracy
  • Ensure monitoring the availability of services

security Anti DDoS Lite

100.00 $ / month.
Order

lock DDOS protection
1domain

inverse UDP/ICMP filter
100 GBPS

network SYNFLOOD filter
750 KPPS

cloudmanaged HTTP filter 
5000 requests/s.

global Net traffic
100 MBPS

protection Anti DDoS Pro

250.00 $ / month.
Order

lock DDOS protection
4domains

inverse UDP/ICMP filter
300 GBPS

network SYNFLOOD filter
10M KPPS

cloudmanaged HTTP Filter 
20000 requests/s.

global Net traffic
250 MBPS

Protected Anti DDoS Premium

500.00 $ / month.
Order

lock DDOS protection
Unlimited

inverse UDP/ICMP filter
2000 GBPS

network SYNFLOOD filter
10M KPPS

cloudmanaged HTTP Filter 
100000 requests/s.

global Net traffic
500 MBPS

  • Bonus: If you pay at once for 1 year – 2 months of protection from DDoS-attacks on the site you will get as a gift

What is additionally included in the rates?

emailopen
Mail protection
Sending mail through a secure channel
document
Lists
Blacklist and whitelist management
freenetwork
Proxy
Proxying outgoing connections
cloudsecurity
SSL Certificate
We can use your SSL certificate
window
Control Panel
Online Statistics. Access and error logs
compare
Load balancing
Proxying outgoing connections

You can order hosting with protection from DDoS attacks in any convenient way: by email, online chat or through your personal cabinet. This will give you universal server protection from DDoS attacks, as well as websites and more.

You can order DDoS protection services in any way you like: by email, online chat or in your personal cabinet.

Just tell us which site you need protection for, and we’ll give you a protected IP, help to direct traffic to it, install the certificate and get the clear traffic.